Privacytools.io: 🆕 Software Suggestion | xBrowserSync bookmarks synchronization between devices
Basic Information
Name: xBrowserSync
Category: Not sure, could be in File Sync or Browser Extensions as a mention?
URL: https://www.xbrowsersync.org/ (sourcecode for both the client app and server: https://github.com/xbrowsersync)
Description
xBrowserSync is a free, open-source and end-to-end encrypted alternative to synchronize bookmarks across your devices. Your data is encrypted and decrypted on your device, no one but you can read it. There is no registration needed, all is needed is to enter a randomly generated id on all devices. Different servers are available, and it can also be self-hosted.
Why I am making the suggestion
Synchronizing browsing between devices is a common need nowadays, and this solution is E2EE, opensource and free. I know it since years but before it was very cumbersome to use, but recently the bookmark sharing has gotten a lot better and is transparent on the most common browsers (Firefox, Chrome, Opera, works on Android smartphones too by sharing links to the app), so I've restarted using it and I can recommend it as it is simple enough to use now IMHO.
In the future, they plan to synchronize open tabs and history too, but for the moment I did not see these features implemented.
My connection with the software
Just a (recent) user.
- [x] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
lrq3000
All 6 comments
To clarify how it works in practice:
- install the browser extension on your computer (Chrome, Firefox, Opera)
- install the XBrowserSync app on your smartphone
- configure both with the same password and randomly generated id (a QR code is generated to more easily share between devices)
- add bookmarks as usual on your computer, they will appear automatically on other computers with the browser extension, and on Android smartphones you can find them in the XBrowserSync app.
- from the Android smartphone, when browsing a website with any browser, share the link to the XBrowserSync app (do not bookmark, it does not work yet in my experience). The XBrowserSync app will automatically fetch the title and a description if possible, and it's possible to add tags. Saved links in the Android app will be automatically synchronized to the computers with the browser extension, directly in the browser's bookmarks.
Note it's not made for offline browsing (unlike Wallabag for instance, BTW this app being not E2EE), it's really just for bookmarks synchronization, the content of the links (apart from the title and a description, both being editable by user) are not stored.
lrq3000
on 23 Feb 2020
Interesting add-on and certainly a must. Firefox provides bookmark sync out of the box, but I believe it doesn't let you host the data yourself, no idea on encryption.
I'd propose adding this one to the Recommended Add-ons.
hugoncosta
on 23 Feb 2020
Does the end to end encryption that is utilized by the addon have an audit?
blacklight447-ptio
on 2 Mar 2020
No 3rd-party audit of xBrowserSync specifically, but all crypto is done using the Web Crypto API in the client's browser, which itself should be audited.
Also some more details from the FAQ:
How is my data encrypted? I’m concerned about submitting it to unknown and untrusted servers. Can it really not be decrypted by anyone but me?
xBrowserSync utilises the browser’s native Web Crypto library to encrypt your browser data client-side before it is transmitted over the internet. For key derivation, xBrowserSync uses PBKDF2 with 250,000 rounds of SHA-256 (as a comparison, LastPass’ key derivation uses a similar approach but with only 100,100 rounds by default). The data is then encrypted using AES-GCM with a random 16 byte IV and the user’s random 32 char sync ID as a salt. This approach ensures your data cannot be decrypted without your sync password (which is never transmitted) so please ensure you use a strong password! If you would like to review the encryption code, the relevant functions are getPasswordHash and encryptData.
lrq3000
on 2 Mar 2020
Just edited my posts and title to respect the x in lowercase (XBrowserSync -> xBrowserSync)
lrq3000
on 3 Mar 2020
perhaps with adding xBrowserSync (thanks for bringing this up :+1:), it will be also worth mentioning floccus (https://github.com/marcelklehr/floccus) for those who don't want to setup an own dedicated service for bookmark-syncing but already have a trusted sync-service.
i really like its approach to support different sync-backends like nextcloud-bookmarks, a generic WebDAV-server or any other file-storage.
DJCrashdummy
on 13 Apr 2020
Related issues
ghost
·
37Comments
angela-d
·
82Comments
MystesofEternity
·
66Comments
jonaharagon
·
36Comments
hyc
·
61Comments
Most helpful comment
perhaps with adding xBrowserSync (thanks for bringing this up :+1:), it will be also worth mentioning floccus (https://github.com/marcelklehr/floccus) for those who don't want to setup an own dedicated service for bookmark-syncing but already have a trusted sync-service.
i really like its approach to support different sync-backends like nextcloud-bookmarks, a generic WebDAV-server or any other file-storage.